### Get Application Installation Mode Source: https://docs.samsungknox.com/devref/knox-tizen-sdk/group__mdm__application.html API to get the current installation mode for all applications. ```APIDOC ## mdm_get_application_installation_mode ### Description API to get the current installation mode for all applications. ### Signature mdm_status_t | mdm_get_application_installation_mode (void) ``` -------------------------------- ### Install Application by URL Source: https://docs.samsungknox.com/devref/knox-tizen-sdk/application_8h_source.html Installs an application from a given URL. This function requires appropriate privileges and provides a callback for status updates. ```c mdm_result_t mdm_install_application_by_url(const char *store_url, const char *app_name, mdm_client_callback_function_ext cb_function, void *user_data); ``` -------------------------------- ### Client Bringup with DualDAR Library Installation Source: https://docs.samsungknox.com/dev/knox-sdk/features/independent-software-vendors-da/dualdar-isv-integration Implement client initialization and library installation in the onClientBringup() callback. Check for version mismatches and install the DualDAR client library and secondary files using installLibrary(). ```java public boolean onClientBringup() { // Install new version of dual dar client library and other files if version mismatch if (!getInstalledClientLibraryVersion().equals(" < Your client version > ")) { List < String > secondaryLibs = new ArrayList < > (); secondaryLibs.add(" < Your secondary file > "); if (installLibrary(" < your client library path > ", secondaryLibs, true) != ERROR_NONE) { Log.e(TAG, "Error installing Dual DAR client lib"); return false; } } return true; } ``` -------------------------------- ### Get Installed Applications List Source: https://docs.samsungknox.com/devref/knox-tizen-sdk/group__mdm__application.html API to get a list of all installed application packages. ```APIDOC ## mdm_get_installed_applications_list ### Description API to get a list of all installed application packages. ### Signature mdm_data_t * | mdm_get_installed_applications_list (void) ``` -------------------------------- ### Get list of installed applications Source: https://docs.samsungknox.com/devref/knox-tizen-sdk/application_8h_source.html Retrieves a list of all installed applications on the device. ```C mdm_get_installed_applications_list(void); ``` -------------------------------- ### Creating and preparing a GenericVpnContext for Knox VPN Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/net/vpn/serviceprovider/GenericVpnContext.html This example demonstrates how to create an instance of GenericVpnContext, set generic VPN parameters, and then use it with VpnService.prepare() to initiate a Knox VPN profile. ```APIDOC ## Creating and preparing a GenericVpnContext for Knox VPN ### Description This code snippet shows how to instantiate `GenericVpnContext`, set the profile name and connection state, and then call `VpnService.prepare()` with this custom context to establish a Knox VPN profile. ### Method ```java GenericVpnContext vpnContext = new GenericVpnContext(this); vpnContext.setGenericVpnParams(profileName, GenericVpnContext.CONNECTING); VpnService.prepare(vpnContext); ``` ### Parameters - `this`: The current Android context. - `profileName`: The name of the Knox VPN profile. - `GenericVpnContext.CONNECTING`: A constant indicating the connection state. ``` -------------------------------- ### Installed Applications Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/application/ApplicationPolicy.html API to get a list of all installed application package IDs. ```APIDOC ## getInstalledApplicationsIDList ### Description API to get a list of all installed application packages. ### Returns - String[]: An array of strings representing the package IDs of installed applications. ``` -------------------------------- ### Create and Start VPN Connection (Initial Scenario) Source: https://docs.samsungknox.com/dev/knox-sdk/features/mdm-providers/vpn/vpn-profile-configuration This section details the initial set of calls to create and start a VPN connection. It includes adding all packages and optionally setting auto-retry and VPN mode. ```java gm.createVpnProfile (String profileInfo); gm.addAllPackagesToVpn (String profileName); gm.addAllContainerPackagesToVpn ($container-id, String profileName); gm.getState (String profileName); // The return value should be 1 or 5 gm.setAutoRetryOnConnectionError (String profileName, boolean enable); //optional gm.setVpnModeOfOperation (String profileName, int vpnMode); //optional gm.activateVpnProfile (String profileName, true); ``` -------------------------------- ### Get User Request Example (cURL) Source: https://docs.samsungknox.com/dev/knox-manage/api Example of how to use cURL to make a GET request to the selectUserWithID endpoint. Ensure to replace the placeholder token with your actual Bearer token. ```bash curl -X GET \ https://ap01.manage.samsungknox.com/emm/oapi/user/selectUserWithID?userId=user01 \ -H "cache-control: no-cache" \ -H "content-type: application/x-www-form-urlencoded" \ -H "Authorization: bearer 98bfa733-aa70-4491-931f-f35442ff2e7e" \ ``` -------------------------------- ### GenericVpnService.prepare Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/net/vpn/serviceprovider/GenericVpnService.html Prepares the system to establish a VPN connection for a given profile. This method should be called before attempting to connect to the VPN. ```APIDOC ## prepare(Context context, String profile, boolean type, boolean isConnecting) ### Description Prepare to establish a VPN connection. ### Method static Intent ### Parameters - **context** (Context) - Required - The application context. - **profile** (String) - Required - The VPN profile name. - **type** (boolean) - Required - The type of VPN connection. - **isConnecting** (boolean) - Required - Indicates if the connection is being established. ``` -------------------------------- ### Create Knox Workspace with Pre-installed Apps and Security Settings Source: https://docs.samsungknox.com/dev/knox-sdk/features/mdm-providers/app-management/app-installation This example demonstrates creating a Knox container with custom configurations, including pre-installing specific apps (Email, Calendar, Contacts), setting a lock timeout, and configuring fingerprint authentication. The cloned configuration is then applied and the container is created. ```java KnoxConfigurationType defaultConfig = KnoxContainerManager.getConfigurationTypeByName("knox-b2b"); KnoxConfigurationType newConfig = defaultConfig.clone("custom4"); List appList = new ArrayList (); appList.add("com.android.email"); appList.add("com.android.calendar"); appList.add("com.android.contacts"); newConfig.setAppInstallationList(appList) newConfig.setMaximumTimeToLock(30 * 60 * 1000); newConfig.setPasswordQuality(BasePasswordPolicy.PASSWORD_QUALITY_FINGERPRINT); KnoxContainerManager.addConfigurationType(this, newConfig); KnoxContainerManager.createContainer("custom4"); ``` -------------------------------- ### Get application installation mode Source: https://docs.samsungknox.com/devref/knox-tizen-sdk/application_8h_source.html Retrieves the current application installation mode setting. ```C mdm_get_application_installation_mode(void); ``` -------------------------------- ### init Source: https://docs.samsungknox.com/devref/knox-sdk/reference/native/html/classknoxremotedesktop_1_1IRemoteDesktop-members.html Initializes the remote desktop service. ```APIDOC ## init ### Description Initializes the remote desktop service. ### Method `pure virtual` ``` -------------------------------- ### Get Application Installation Disabled Status Source: https://docs.samsungknox.com/devref/knox-tizen-sdk/application_8h_source.html Checks if the installation of a specific application is disabled. ```APIDOC ## mdm_get_application_installation_disabled ### Description Retrieves the installation disabled status for the specified application. ### Parameters #### Path Parameters - **pkg_name** (const char *) - The package name of the application. ### Returns - mdm_status_t - The status indicating if installation is disabled. ``` -------------------------------- ### Get Installed Packages Source: https://docs.samsungknox.com/dev/knox-sdk/sample-app-tutorials/manage-certificates-in-tima-ccm/manage-certificates Retrieves a list of package names for all applications installed on the device. ```java private List getInstalledPackages () { // Get list of installed packages List packages = getPackageManager().getInstalledPackages(0); // Initialize a list of package names ArrayList packageList = new ArrayList<>(); // For each installed package for (PackageInfo pInfo : packages) { // Add its package name to the return list packageList.add(pInfo.packageName); } return packageList; } ``` -------------------------------- ### Enabling meta-header with GenericVpnContext Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/net/vpn/serviceprovider/GenericVpnContext.html This example shows how to create a GenericVpnContext, set VPN parameters, enable meta-header support for passing metadata with VPN traffic, and then prepare the VPN service. ```APIDOC ## Enabling meta-header with GenericVpnContext ### Description This code snippet demonstrates how to create a `GenericVpnContext`, set the profile name and connection state, enable the meta-header for passing metadata with VPN traffic, and then use `VpnService.prepare()`. ### Method ```java GenericVpnContext vpnContext = new GenericVpnContext(this); vpnContext.setGenericVpnParams(profileName, GenericVpnContext.CONNECTING); vpnContext.enableMetaHeader(true); VpnService.prepare(vpnContext); ``` ### Parameters - `this`: The current Android context. - `profileName`: The name of the Knox VPN profile. - `GenericVpnContext.CONNECTING`: A constant indicating the connection state. - `true`: Enables the meta-header for metadata transmission. ``` -------------------------------- ### Create Knox Workspace with Pre-installed Apps and Security Settings Source: https://docs.samsungknox.com/dev/knox-sdk/features/mdm-providers/app-management This example demonstrates creating a Knox Workspace with custom configurations, including pre-installing specific apps (Email, Calendar, Contacts), setting a lock timeout, and configuring the password quality to fingerprint authentication. The cloned configuration is then added and used to create the container. ```java KnoxConfigurationType defaultConfig = KnoxContainerManager.getConfigurationTypeByName("knox-b2b"); KnoxConfigurationType newConfig = defaultConfig.clone("custom4"); List appList = new ArrayList (); appList.add("com.android.email"); appList.add("com.android.calendar"); appList.add("com.android.contacts"); newConfig.setAppInstallationList(appList) newConfig.setMaximumTimeToLock(30 * 60 * 1000); newConfig.setPasswordQuality(BasePasswordPolicy.PASSWORD_QUALITY_FINGERPRINT); KnoxContainerManager.addConfigurationType(this, newConfig); KnoxContainerManager.createContainer("custom4"); ``` -------------------------------- ### Get Force Auto Start Up State Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/custom/SystemManager.html Checks if the Force Auto Start Up feature is enabled. This is useful for determining if the device is set to automatically start up. ```java CustomDeviceManager cdm = CustomDeviceManager.getInstance(); SystemManager kcsm = cdm.getSystemManager(); if (kcsm.getForceAutoStartUpState()) { Log.d(TAG, "Force Auto Startup is on"); } ``` -------------------------------- ### Start Application Source: https://docs.samsungknox.com/devref/knox-tizen-sdk/group__mdm__application.html API to launch an application. ```APIDOC ## mdm_start_application ### Description API to launch an application. ### Signature mdm_result_t | mdm_start_application (const char *app_id) ``` -------------------------------- ### getApplicationInstallationMode Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/application/ApplicationPolicy.html Gets the current installation mode for all applications. The default mode is to allow any application package to be installed. ```APIDOC ## getApplicationInstallationMode ### Description API to get the current installation mode for all applications. Default mode is allow (any application package can be installed). ### Method Signature public int getApplicationInstallationMode() ### Returns * Current mode of operation, one of `APPLICATION_INSTALLATION_MODE_ALLOW` or `APPLICATION_INSTALLATION_MODE_DISALLOW`. ### Since API level 2 ``` -------------------------------- ### Install Certificate in Owner Space Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/keystore/CertificateProvisioning.html Demonstrates how to install a certificate into the Wifi keystore and the Wifi, VPN, and Apps keystores when the caller is in the owner space. ```APIDOC ## Install Certificate ### Description Installs a certificate into specified keystores. This method is intended for use in the owner space. ### Method `installCertificateToKeystore` ### Parameters - `type` (int) - The type of certificate to install. Use `CertificateProvisioning.TYPE_CERTIFICATE` or `CertificateProvisioning.TYPE_PKCS12`. - `value` (byte[]) - The certificate data as a byte array. - `alias` (String) - An alias for the certificate. - `password` (String) - The password for the certificate (if applicable). - `keystore` (int) - The target keystore(s). Can be `CertificateProvisioning.KEYSTORE_DEFAULT`, `CertificateProvisioning.KEYSTORE_FOR_WIFI`, `CertificateProvisioning.KEYSTORE_FOR_VPN_AND_APPS`, or a combination using the bitwise OR operator. ### Throws `SecurityException` - If the caller does not have the required permissions or if the keystore is not in an appropriate state (e.g., not `ERROR_KEYSTORE_NONE` before API level 30, or if `KEYSTORE_FOR_WIFI` is used in user space). ### Request Example ```java EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context); CertificateProvisioning certProvisioning = edm.getCertificateProvisioning(); String filePath = "/sdcard/class3.crt"; byte[] certData = getByteArray(filePath); //internal function to retrieve byte array from file. try { boolean result1, result2; // installing into Wifi keystore (it will only work for owner space): result1 = certProvisioning.installCertificateToKeystore( CertificateProvisioning.TYPE_CERTIFICATE, certData, "mycert", "123456", CertificateProvisioning.KEYSTORE_FOR_WIFI); // installing into Wifi and VPN and Apps keystores (it will only work for owner space): if(CertificateProvisioning.ERROR_KEYSTORE_NONE == certProvisioning.getCredentialStorageStatus()) { result2 = certProvisioning.installCertificateToKeystore (CertificateProvisioning.TYPE_CERTIFICATE, certData, "mycert", "123456", CertificateProvisioning.KEYSTORE_FOR_WIFI | CertificateProvisioning.KEYSTORE_FOR_VPN_AND_APPS); } if(true == result1) { // certificate installed to Wifi keystore successfully } if(true == result2) { // certificate installed to Wifi and VPN and Apps keystores successfully } } catch(SecurityException e) { Log.w(TAG,"SecurityException: "+e); } ``` ``` -------------------------------- ### Get Approved App Installer Packages Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/application/ApplicationPolicy.html Retrieves the list of application packages designated as approved app installers. This is used to control which applications can install other applications on the device. ```java EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context); ApplicationPolicy appPolicy = edm.getApplicationPolicy(); try { List result = appPolicy.getPackagesFromWhiteList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER); } catch (SecurityException e) { Log.w(TAG, "SecurityException: " + e); } ``` ```java EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context); KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID); ApplicationPolicy appPolicy = kcm.getApplicationPolicy(); try { List result = appPolicy.getPackagesFromWhiteList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER); } catch (SecurityException e) { Log.w(TAG, "SecurityException: " + e); } ``` -------------------------------- ### Get Application Installation Mode Source: https://docs.samsungknox.com/devref/knox-tizen-sdk/group__mdm__application.html Retrieves the current default installation mode for all applications. This mode can be set using mdm_set_application_installation_mode(). ```c mdm_status_t ret = mdm_get_application_installation_mode(); if (ret == MDM_ALLOWED) { // allowed } else if (ret == MDM_RESTRICTED) { // restricted } ``` -------------------------------- ### init Source: https://docs.samsungknox.com/devref/knox-capture-sdk/reference/-knox%20-capture%20-s-d-k/com.samsung.android.knox.smartscan.preview/-barcode-scan-preview-view/index.html Initializes the preview with configuration data. Other interface APIs will not work if the config is not set. ```APIDOC ## init ### Description Initializes the preview with configuration data. If the `config` object is not set, other interface APIs will not function correctly. ### Signature ```kotlin open override fun init(config: PreviewConfig, resultHandlingCallback: PreviewResultHandlingCallback) ``` ``` -------------------------------- ### Install Application Source: https://docs.samsungknox.com/devref/knox-tizen-sdk/application_8h_source.html Installs an application from a given package path. ```APIDOC ## mdm_install_application ### Description Installs an application from the specified package path. ### Parameters #### Path Parameters - **pkg_path** (const char *) - The full path to the application package file. ### Returns - mdm_result_t - Returns MDM_RESULT_SUCCESS on success, or an error code otherwise. ``` -------------------------------- ### Get Packages from Prevent Start Blacklist Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/application/ApplicationPolicy.html Retrieves the list of packages that are on the prevent start blacklist. Activities from these packages cannot be started. This requires the KNOX_APP_MGMT permission and is available from API level 11. ```java EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context); ApplicationPolicy appPolicy = edm.getApplicationPolicy(); try { List pkgList = appPolicy.getPackagesFromPreventStartBlackList(); Iterator it = pkgList.iterator(); while (it.hasNext()) { String pkg = (String) it.next(); System.out.println("Package: " + pkg); } } catch (SecurityException e) { Log.w(TAG, "SecurityException: " + e); } ``` -------------------------------- ### installLibrary() Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/ddar/DualDARClient.html Installs the crypto library and supporting files for the Dual DAR Client. ```APIDOC ### `int installLibrary(String clientLibPath, List secondaryFilePaths, boolean isAsset)` * **Description:** API to install Dual DAR Client's crypto library and supporting files to Dual DAR Client Daemon. Client App's crypto library and supporting files are copied to the **/data/misc/knoxcore/dualdar/** system directory. * **Parameters:** * `clientLibPath` (String): Path to the client crypto library that is to be installed. * `secondaryFilePaths` (List): Paths to the secondary files that are to be installed. Can be null. * `isAsset` (boolean): `true` if client lib and secondary files reside in assets directory, else `false`. * **Returns:** `ERROR_NONE` on success else `ERROR_FAILURE`. * **Since:** API level 28 * **Usage:** * If the secondary file is a shared object library, then compile the client crypto library by setting the **RPATH** variable to the **/data/misc/knoxcore/dualdar/** system directory. * If client lib and files are not in assets directory, then paths are relative to the application's base directory. Else, paths are relative paths to assets directory. * **Example (Assets):** ```java List secondaryLibs = new ArrayList<>(); secondaryLibs.add("libsecondary.so"); if (installLibrary("libclient.so", secondaryLibs, true) != ERROR_NONE) { Log.e(TAG, "Error installing Dual DAR client lib" + RELAY_FILE_NAME); return false; } ``` * **Example (Non-Assets):** ```java String filePrefix = getApplicationInfo().nativeLibraryDir + "/"; List secondaryLibs = new ArrayList<>(); secondaryLibs.add(filePrefix + "libsecondary.so"); if (installLibrary(filePrefix + "libclient.so", secondaryLibs, false) != ERROR_NONE) { Log.e(TAG, "Error installing Dual DAR client lib" + RELAY_FILE_NAME); return false; } ``` * **Note:** This API is to be used in `onClientBringup()` callback only. ``` -------------------------------- ### Get Packages from Blacklist (Approved App Installer) Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/application/ApplicationPolicy.html Retrieves a list of packages that are blacklisted for approved app installation within a container. This is useful for enforcing specific app installation policies. ```APIDOC ## getPackagesFromBlackList (TYPE_APPROVED_APP_INSTALLER) ### Description Retrieves the list of packages that are blacklisted for approved app installation within a container. ### Method `getPackagesFromBlackList(int type)` ### Parameters #### Path Parameters - `type` (int) - Required - Specifies the type of blacklist. Use `ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER`. ### Throws - `SecurityException` - If the caller does not have the required permissions. ### Usage ```java EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context); KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID); ApplicationPolicy appPolicy = kcm.getApplicationPolicy(); try { List packages = appPolicy.getPackagesFromBlackList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER); } catch (SecurityException e) { Log.w(TAG, "SecurityException: " + e); } ``` ``` -------------------------------- ### Initialize MainActivity Source: https://docs.samsungknox.com/dev/knox-sdk/sample-app-tutorials/get-started-with-work-profiles/initialize-app Sets up the MainActivity by linking the XML layout, initializing UI elements, and setting up click listeners for various Knox-related actions. It also checks for Knox API level compatibility and whether the device already has a work profile. ```java public class MainActivity extends AppCompatActivity { public static final String TAG = "MainActivity"; private static final int ACTIVITY_REQUEST_CODE = 1; private static final int MINIMUM_KNOX_API_LEVEL = 24; private Utils mUtils; @Override protected void onCreate(Bundle savedInstanceState) { //...called when the activity is starting. This is where most initialization should go. super.onCreate(savedInstanceState); setContentView(R.layout.activity_main); TextView logView = findViewById(R.id.logview_id); logView.setMovementMethod(new ScrollingMovementMethod()); mUtils = new Utils(logView, TAG); // Check if device supports Knox API level 24 (Knox 3.0) at minimum // With Knox 3.0, Knox Platform for Enterprise (KPE) is harmonized with Android Enterprise (AE) mUtils.checkApiLevel(MINIMUM_KNOX_API_LEVEL, this); Button createAndroidProfileBtn = findViewById(R.id.createAndroidProfileBtn); createAndroidProfileBtn.setOnClickListener(v -> createAndroidProfile()); Button activateLicenseBtn = findViewById(R.id.activateLicenseBtn); activateLicenseBtn.setOnClickListener(v -> activateLicense()); Button deactivateLicenseBtn = findViewById(R.id.deactivateLicenseBtn); deactivateLicenseBtn.setOnClickListener(v -> deactivateLicense()); Button toggleCameraBtn = findViewById(R.id.toggleCameraBtn); toggleCameraBtn.setOnClickListener(v -> toggleCameraState()); Button enforceMfaBtn = findViewById(R.id.enforceMfaBtn); enforceMfaBtn.setOnClickListener(v -> enforceMfa()); // Check if the application is a Profile Owner DevicePolicyManager devicePolicyManager = (DevicePolicyManager) getSystemService(Context.DEVICE_POLICY_SERVICE); boolean isProfileOwner = devicePolicyManager.isProfileOwnerApp(getPackageName()); if (isProfileOwner) { createAndroidProfileBtn.setEnabled(false); } else { activateLicenseBtn.setEnabled(false); deactivateLicenseBtn.setEnabled(false); toggleCameraBtn.setEnabled(false); enforceMfaBtn.setEnabled(false); } } ``` -------------------------------- ### getInstalledClientLibraryVersion() Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/ddar/DualDARClient.html Gets the version of the installed client crypto library. ```APIDOC ### `String getInstalledClientLibraryVersion()` * **Description:** API to get the installed client crypto library version. * **Returns:** The installed client crypto library version. * **Since:** API level 28 ``` -------------------------------- ### Configure Global Proxy Settings Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/net/GlobalProxy.html Demonstrates how to set up both static and PAC file-based proxy configurations. Includes setting hostnames, ports, exclusion lists, and authentication credentials. Note that some applications might not use the global proxy. ```java EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context); GlobalProxy globalProxy = edm.getGlobalProxy(); try { // 1. static proxy configuration String hostName = "128.128.128.128"; int portNumber = 80; List exclusionList = new ArrayList(); exclusionList.add("102.103.22.202"); exclusionList.add("www.samsung.com"); ProxyProperties staticProxy = new ProxyProperties(); staticProxy.setHostname(hostName); staticProxy.setPortNumber(portNumber); staticProxy.setExclusionList(exclusionList); // optional, set up authentication for the given static proxy staticProxy.setAuthConfigList(Arrays.asList(new AuthConfig[] { new AuthConfig("user", "pass") })); int resultStatic = globalProxy.setGlobalProxy(staticProxy); // 2. PAC proxy configuration String pacFileUrl = "http://128.128.128.128/proxy.pac"; ProxyProperties automaticProxy = new ProxyProperties(); automaticProxy.setPacFileUrl(pacFileUrl); // optional, set up authentication for the multiple proxies that could be returned in PAC file automaticProxy.setAuthConfigList(Arrays.asList(new AuthConfig[] { new AuthConfig("128.128.128.128", "3128", "user", "pass") new AuthConfig("128.128.128.128", "3129", "user1", "pass1") new AuthConfig("128.128.123", "3128", "user2", "pass2") })); int resultAutomatic = globalProxy.setGlobalProxy(automaticProxy); } catch (SecurityException e) { Log.w(TAG, "SecurityException: " + e); } ``` -------------------------------- ### Install Knox Token Library for JavaScript Source: https://docs.samsungknox.com/dev/knox-cloud-authentication/knox-cloud-authentication/tutorial-for-msps-generate-an-access-token-for-your-knox-msp-program-tenant Install the JavaScript library for Knox token generation. This is a prerequisite for using the JavaScript code examples. ```bash $ npm install knox-token-library-js ``` -------------------------------- ### Start Camera Preview Source: https://docs.samsungknox.com/devref/knox-capture-sdk/reference/-knox%20-capture%20-s-d-k/com.samsung.android.knox.smartscan.preview/-barcode-scan-preview-view/start-preview.html Initiates the camera preview and automatically starts the scanning engine. Ensure that `init()` has been called prior to invoking this method. ```APIDOC ## startPreview() ### Description Starts the camera preview to display frames and automatically initiates the scanning engine. It is a prerequisite to call `init()` before using this method. ### Method open override fun startPreview() ### Parameters This method does not accept any parameters. ### Request Example ```kotlin barcodeScanPreviewView.startPreview() ``` ### Response This method does not return any value. ``` -------------------------------- ### Get Non-Market App Installation Restriction Status Source: https://docs.samsungknox.com/devref/knox-tizen-sdk/restriction_8h_source.html Use this API to check if non-market application installation is allowed on the device. The default value is true. ```c mdm_status_t status = mdm_get_allow_nonmarket_app(); if (status == MDM_STATUS_ERROR) { // function error } else { // function success printf ("status: %d", status); } ``` -------------------------------- ### Install Certificate with Type Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/keystore/CertificateProvisioning.html Installs a certificate of a specified type from a byte array. If the keystore is locked or this is the first installation, user interaction for password and certificate name is required. Otherwise, the user is prompted for the certificate name and destination keystore. ```java EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context); CertificateProvisioning certProvisioning = edm.getCertificateProvisioning(); String filePath = "/data/system/class3.crt"; byte[] bytes = getByteArray(filePath);//internal function to retrieve //byte array from file. try { certProvisioning.installCertificateWithType(CertificateProvisioning.TYPE_CERTIFICATE, bytes); } catch(SecurityException e) { Log.w(TAG,"SecurityException: "+e); } ``` -------------------------------- ### Get Recent Long Press Activity Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/custom/SystemManager.html Gets the package name of the activity that starts when the Recent hardware button is long-pressed. Returns null if no package has been set. ```java CustomDeviceManager cdm = CustomDeviceManager.getInstance(); SystemManager kcsm = cdm.getSystemManager(); String longPressActivity = kcsm.getRecentLongPressActivity(); ``` -------------------------------- ### removePackageFromWhiteList - Approved App Installer Source: https://docs.samsungknox.com/dev/ref/knox-sdk/reference/com/samsung/android/knox/application/ApplicationPolicy Removes a package from the approved app installer whitelist, preventing it from installing applications. Supports both device-wide and container-based implementations with examples for TYPE_APPROVED_APP_INSTALLER policy type. ```APIDOC ## ApplicationPolicy.removePackageFromWhiteList(int, String) ### Description Removes a package from the whitelist for approved app installers. After removal, the application cannot install other applications on the device. ### Method JAVA (Android SDK) ### Endpoint ApplicationPolicy#removePackageFromWhiteList(int policyType, String packageName) ### Parameters #### Method Parameters - **policyType** (int) - Required - The policy type (e.g., TYPE_APPROVED_APP_INSTALLER) - **packageName** (String) - Required - Package name to remove from whitelist (e.g., "com.android.settings") ### Request Example - Device Implementation ```java EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context); ApplicationPolicy appPolicy = edm.getApplicationPolicy(); String pkgName = "com.android.settings"; try { int result = appPolicy.removePackageFromWhiteList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER, pkgName); } catch (SecurityException e) { Log.w(TAG, "SecurityException: " + e); } ``` ### Request Example - Container Implementation ```java EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context); KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID); ApplicationPolicy appPolicy = kcm.getApplicationPolicy(); String pkgName = "com.android.settings"; try { int result = appPolicy.removePackageFromWhiteList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER, pkgName); } catch (SecurityException e) { Log.w(TAG, "SecurityException: " + e); } ``` ### Response #### Success Response - **result** (int) - Integer result code indicating success or failure #### Error Handling - **SecurityException** - Thrown if caller does not have required permissions ### Permissions Required - com.samsung.android.knox.permission.KNOX_APP_MGMT (signature level) ### API Level Since API level 24 ### KNOX Version KNOX 3.0 ### Related Methods - addPackageToWhiteList(int, AppIdentity) - getPackagesFromWhiteList(int) ``` -------------------------------- ### Install an App Source: https://docs.samsungknox.com/dev/knox-sdk/features/mdm-providers/app-management This snippet demonstrates how to install an application onto a device or within a Knox Workspace container using the EnterpriseDeviceManager and ApplicationPolicy. ```APIDOC ## Install an App You can easily push an app onto a device or inside the Workspace container. ### Description Installs a specified application package. ### Method `installApplication(String packageName)` ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body None ### Request Example ```java //Create EnterpriseDeviceManager EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context); //Create app policy ApplicationPolicy appPolicy = edm.getApplicationPolicy(); //Install package appPolicy.installApplication("com.sample.packagename"); ``` ### Response #### Success Response (200) Indicates successful initiation of app installation. #### Response Example None explicitly defined, success is typically indicated by the absence of an error. ``` -------------------------------- ### Install Certificate Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/keystore/ClientCertificateManager.html Installs a client certificate using the provided certificate profile, certificate buffer, and private key password. ```APIDOC ## installCertificate ### Description Installs a client certificate. ### Method Signature public boolean installCertificate(CertificateProfile, byte[] certificateBuffer, String privateKeyPassword) ### Parameters - **CertificateProfile**: The profile for the certificate. - **certificateBuffer**: A byte array containing the certificate data. - **privateKeyPassword**: The password for the private key. ### Returns - `true` if the certificate was installed successfully, `false` otherwise. ### Usage ```java EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context); ClientCertificateManager clientCertificateManager = ekm.getClientCertificateManagerPolicy(); try { boolean result = clientCertificateManager.installCertificate(CertificateProfile, certificateBuffer, "privateKeyPassword"); if (result) { // Success } else { // Failed } } catch (Exception e) { Log.w(TAG, "Exception: " + e); } ``` ``` -------------------------------- ### Get Installed Certificate Names Source: https://docs.samsungknox.com/devref/knox-tizen-sdk/group__mdm__security.html API returns a list of certificate names for a specified certificate type currently installed on a device. You can combine types using the OR operator. ```c mdm_result_t ret = 0; mdm_data_t *lp_data = mdm_get_installed_certificate_names(MDM_WIFI_CERTIFICATE); if (lp_data) { GList *lp_list = (GList *)lp_data->data; if (lp_list) { lp_list = g_list_first(lp_list); while (lp_list && lp_list->data) { ``` -------------------------------- ### Get Devices API Request Sample (cURL) Source: https://docs.samsungknox.com/dev/knox-deployment-program/api Example of how to make a GET request to the devices endpoint using cURL. Requires a reseller ID and an authorization token. ```bash curl --request GET \ --url 'https://api.samsungknox.com/kcs/v1/rp/devices?resellerId=988....419' \ --header 'Authorization: Bearer fW_x....Nm3H' ``` -------------------------------- ### Start an application Source: https://docs.samsungknox.com/devref/knox-tizen-sdk/application_8h_source.html Starts a specified application using its application ID. ```C mdm_start_application(const char *app_id); ``` -------------------------------- ### Get Packages from Blacklist (Approved App Installer) Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/application/ApplicationPolicy.html Retrieves a list of packages blacklisted for approved app installation within a specific container. Requires a valid container ID. ```java EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context); KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID); ApplicationPolicy appPolicy = kcm.getApplicationPolicy(); try { List packages = appPolicy.getPackagesFromBlackList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER); } catch (SecurityException e) { Log.w(TAG, "SecurityException: " + e); } ``` -------------------------------- ### Install App via URL (cURL) Source: https://docs.samsungknox.com/dev/knox-manage/api Use this cURL command to send a device control request for installing an application from a provided URL. Ensure all required parameters are correctly formatted and included in the request body. ```bash curl -X POST \ https://ap01.manage.samsungknox.com/emm/oapi/mdm/commonOTCServiceWrapper/sendDeviceControlForInstallApp \ -H "cache-control: no-cache" \ -H "content-type: application/x-www-form-urlencoded" \ -H "Authorization: bearer 98bfa733-aa70-4491-931f-f35442ff2e7e" \ -d "deviceId=dummydeviceid1&appPackage=test.samsung.appx&knoxId=testknoxid&url=https://test.samsung.app&componentClass=Activity&action=unknown&autoRun=Automatic" ``` -------------------------------- ### installApplication Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/application/ApplicationPolicy.html Installs an application package on the device. ```APIDOC ## installApplication ### Description API to install an application package. Deprecated in API level 36. ### Method Not specified (SDK method) ### Parameters #### Path Parameters - **packageName** (String) - Required - Package name of the application to be updated/installed on the device. ### Returns - boolean - `true` if application package installation is successful, else `false`. ### Throws - SecurityException - If the caller does not have the required permissions or the administrator is not a Device or Profile Owner. ### Usage An administrator can use this API to silently install any existing application without user interaction. This can be used to install an existing application in a different user space. **NOTE**: Since API level 38, only Device Owner or Profile Owner can call this API. ### Since API level 12 ``` -------------------------------- ### Get Installed Applications ID List Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/application/ApplicationPolicy.html Retrieves a list of all installed application package names on the device, including system and managed/unmanaged applications. Returns null if the operation is unsuccessful. ```java String[] installedApps = appPolicy.getInstalledApplicationsIDList(); if (installedApps != null) { Log.i(TAG, "Installed Apps: " + Arrays.toString(installedApps)); } else { Log.w(TAG, "Failed to get installed applications list."); } ``` -------------------------------- ### Get a specific LDAP account Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/accounts/LDAPAccountPolicy.html An administrator can use this API to get a particular LDAP account on the device using its ID. This example shows how to retrieve an LDAP account using the EnterpriseDeviceManager. ```APIDOC ## Get LDAP Account ### Description Retrieves a specific LDAP account by its ID. ### Method Signature `LDAPAccount getLDAPAccount(long ldapId)` ### Parameters #### Path Parameters - **ldapId** (long) - Required - The unique identifier of the LDAP account. ### Request Example ```java EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context); LDAPAccountPolicy ldapPolicy = edm.getLDAPAccountPolicy(); long ldapId = 1; try { LDAPAccount ldap = ldapPolicy.getLDAPAccount(ldapId); } catch (SecurityException e) { Log.w(TAG, "SecurityException: " + e); } ``` ### Response #### Success Response - **LDAPAccount** - The LDAP account object if found. #### Error Response - **SecurityException** - Thrown if the caller does not have the necessary permissions. ``` -------------------------------- ### Initialize App with Button Click Listeners Source: https://docs.samsungknox.com/dev/knox-sdk/sample-app-tutorials/manage-device-applications/initialize-the-app Set up onClickListeners for UI elements to trigger specific device administration actions. This example shows how to prompt the user for battery whitelisting and force stop blacklisting. ```java @Override public void onClick(View v) { promptUserPackageForBatteryWhitelist(); } }); toggleForceStopBlacklistBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { promptUserPackageForForceStopBlacklist(); } }); } //the logic for onClickListener functions are done here } ``` -------------------------------- ### Get Installed Certificates Source: https://docs.samsungknox.com/devref/knox-tizen-sdk/group__mdm__security.html Retrieves a list of installed user certificates of a specified type. The certificate details, including issuer and subject information, are printed to the console. Ensure the `lp_data` is freed after use. ```c mdm_result_t ret = 0; mdm_data_t *lp_data = mdm_get_installed_certificates(MDM_SYSTEM_CERTIFICATE); if (lp_data) { GList *lp_list = (GList *)lp_data->data; if (lp_list) { lp_list = g_list_first(lp_list); while (lp_list && lp_list->data) { security_information_fields *lp_certi_data = (security_information_fields *)lp_list->data; if (lp_certi_data) { printf("[Certi data: %d,%d,%s,%s,%s,%s,%s,%s,%s,%s \n(Issuer data: %s,%s,%s,%s,%s,%s,%s) \n(Subject data: %s,%s,%s,%s,%s,%s,%s)]", lp_certi_data->version, lp_certi_data->serialNumber, lp_certi_data->sigAlgo, lp_certi_data->issuerStr, lp_certi_data->subjectStr, lp_certi_data->pubKeyAlgo, lp_certi_data->pubKey, lp_certi_data->issuerUID, lp_certi_data->subjectUID, lp_certi_data->filePath, lp_certi_data->issuer.countryName, lp_certi_data->issuer.stateOrProvinceName, lp_certi_data->issuer.localityName, lp_certi_data->issuer.organizationName, lp_certi_data->issuer.organizationUnitName, lp_certi_data->issuer.commonName, lp_certi_data->issuer.emailAddress, lp_certi_data->subject.countryName, lp_certi_data->subject.stateOrProvinceName, lp_certi_data->subject.localityName, lp_certi_data->subject.organizationName, lp_certi_data->subject.organizationUnitName, lp_certi_data->subject.commonName, lp_certi_data->subject.emailAddress); } lp_list = g_list_next(lp_list); } } mdm_free_data(lp_data); ret = MDM_RESULT_SUCCESS; } else { ret = MDM_RESULT_FAIL; } ``` -------------------------------- ### Initialize MainActivity - Java Source: https://docs.samsungknox.com/dev/knox-sdk/sample-app-tutorials/manage-certificates-in-tima-ccm/initialize-app Sets up the main activity, initializes UI elements, and configures click listeners for various Knox SDK functionalities. It also checks for Knox SDK compatibility. ```java public class MainActivity extends AppCompatActivity { private static final int ADD_PACKAGE = 1; private static final int REMOVE_PACKAGE = 2; private static final int CHECK_PACKAGE = 3; private final String TAG = "MainActivity"; static final int DEVICE_ADMIN_ADD_RESULT_ENABLE = 1; private Button mToggleAdminBtn; private ComponentName mDeviceAdmin; private DevicePolicyManager mDPM; private CCMProfile mCCMProfileObj; private CertificateProfile mCertificateProfile; private Utils mUtils; @Override protected void onCreate(Bundle savedInstanceState) { //...called when the activity is starting. This is where most initialization should go super.onCreate(savedInstanceState); setContentView(R.layout.activity_main); TextView LogView = (TextView) findViewById(R.id.logview_id); LogView.setMovementMethod(new ScrollingMovementMethod()); mDeviceAdmin = new ComponentName(MainActivity.this, SampleAdminReceiver.class); mDPM = (DevicePolicyManager) getSystemService(Context.DEVICE_POLICY_SERVICE); mUtils = new Utils(LogView, TAG); // Check if device supports Knox SDK mUtils.checkApiLevel(24, this); mToggleAdminBtn = (Button) findViewById(R.id.ToggleAdminbtn); Button ActivateLicenseBtn = (Button) findViewById(R.id.ActivateLicensebtn); Button DeactivateLicenseBtn = (Button) findViewById(R.id.DeactivateLicensebtn); Button SetCCMProfileBtn = (Button) findViewById(R.id.SetCCMProfilebtn); Button GetCCMProfileBtn = (Button) findViewById(R.id.GetCCMProfilebtn); Button DeleteCCMProfileBtn = (Button) findViewById(R.id.DeleteCCMProfilebtn); Button GetDefaultCertProfileBtn = (Button) findViewById(R.id.GetDefaultCertAliasbtn); Button InstallCertBtn = (Button) findViewById(R.id.InstallCertificatebtn); Button DeleteCertBtn = (Button) findViewById(R.id.DeleteCertificatebtn); Button AddPackageExemptListBtn = (Button) findViewById(R.id.AddPackageExemptListbtn); Button RemovePackageExemptListBtn = (Button) findViewById(R.id.RemovePackageExemptListbtn); Button CheckCCMEnabledForPackageBtn = (Button) findViewById(R.id.IsCCMPolicyEnabledForPackagebtn); Button ToggleTimaKeystoreBtn = (Button) findViewById(R.id.ToggleTimaKeystorebtn); Button IsTimaKeystoreEnabledBtn = (Button) findViewById(R.id.IsTimaKeystoreEnabledbtn); mToggleAdminBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { toggleAdmin(); } }); ActivateLicenseBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { activateLicense(); } }); DeactivateLicenseBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { deactivateLicense(); } }); SetCCMProfileBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { createCCMProfile(); } }); GetCCMProfileBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { getCCMProfile(); } }); DeleteCCMProfileBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { deleteCCMProfile(); } }); GetDefaultCertProfileBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { getDefaultCertificateAlias(); } }); InstallCertBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { createCertificate(); } }); DeleteCertBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { promptUserToDeleteCertificate(); } }); AddPackageExemptListBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { promptUserForPackage(ADD_PACKAGE); } }); RemovePackageExemptListBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { promptUserForPackage(REMOVE_PACKAGE); } }); CheckCCMEnabledForPackageBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { promptUserForPackage(CHECK_PACKAGE); } }); ToggleTimaKeystoreBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { toggleTimaKeystore(); } }); IsTimaKeystoreEnabledBtn.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { isTimaKeystoreEnabled(); } }); } // ... other methods } ``` -------------------------------- ### Get Packages from Blacklist (Approved App Installer) Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/application/ApplicationPolicy.html Retrieves a list of package names from the approved app installer blacklist. Wildcard characters can be used for pattern matching. This API requires the 'com.samsung.android.knox.permission.KNOX_APP_MGMT' permission. ```java EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context); ApplicationPolicy appPolicy = edm.getApplicationPolicy(); try { List packages = appPolicy.getPackagesFromBlackList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER); } catch (SecurityException e) { Log.w(TAG, "SecurityException: " + e); } ``` -------------------------------- ### onClientBringup Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/ddar/DualDARClient.html Handles the client bring-up process, including installing necessary libraries and checking version compatibility. ```APIDOC ## onClientBringup ### Description Initializes the Dual DAR client by ensuring the correct library version is installed. If a version mismatch is detected, it attempts to install the required client library and associated files. ### Method Signature ```java public boolean onClientBringup() ``` ### Returns * `true` if the client bring-up is successful or if no action was needed. * `false` if there was an error during library installation or if a version mismatch persists. ``` -------------------------------- ### Get Recent Long Press Mode Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/custom/SystemManager.html Retrieves the operation mode for long-pressing the Recent hardware button. This determines whether the button is off, starts an activity only for the launcher, or starts an activity regardless of the current application. ```java CustomDeviceManager cdm = CustomDeviceManager.getInstance(); SystemManager kcsm = cdm.getSystemManager(); if (kcsm.getRecentLongPressMode() == CustomDeviceManager.RECENT_LONGPRESS_HOME) { Log.d(TAG, "The Recent button will start the activity only for the launcher."); } ``` -------------------------------- ### startSmartView Source: https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/custom/SettingsManager.html Starts the smart view. ```APIDOC ## startSmartView ### Description This method starts the smart view. ### Method `public int startSmartView()` ### Returns - `SUCCESS` The smart view started successfully. - `ERROR_NOT_SUPPORTED` Device does not support smart view. ### Usage ```java try { CustomDeviceManager cdm = CustomDeviceManager.getInstance(); SettingsManager kcsm = cdm.getSettingsManager(); kcsm.startSmartView(); } catch(SecurityException e) { Log.w(TAG, "SecurityException:" + e); } ``` ### Permission The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_CUSTOM_SETTING" permission. ### Since API level 36 ```